9. Other resources available to individuals wishing to protect themselves against cyberstalking

9. Other resources available to individuals wishing to protect themselves against cyberstalking are listed in Appendix I, infra.

justice.gov | Nov 30th -0001

This page doesn't appear to be an article and therefore may not display well in the Article View. You may want to switch to the Full Web Page view.

If you know there should be an article here, help improve the article parser by reporting this page. Thanks!

1999 REPORT ON CYBERSTALKING: A NEW CHALLENGE FOR LAW ENFORCEMENT AND INDUSTRY

Cyberstalking:
A New Challenge for Law Enforcement and Industry
___________________
A Report from the Attorney General to the Vice President
August 1999
_______________________
Introduction

The new millennium is fast approaching, and the information superhighway is undergoing rapid growth. The Internet and other telecommunications technologies are promoting advances in virtually every aspect of society and every corner of the globe: fostering commerce, improving education and health care, promoting participatory democracy in the United States and abroad, and facilitating communications among family and friends, whether across the street or around the world. Unfortunately, many of the attributes of this technology - low cost, ease of use, and anonymous nature, among others - make it an attractive medium for fraudulent scams, child sexual exploitation, and increasingly, a new concern known as "cyberstalking."

Recognizing this emerging problem, Vice President Al Gore asked the Attorney General on February 26, 1999, to study the problem and to report back with recommendations on how to protect people from this threat. Responding to this request, this report explores the nature and extent of cyberstalking; surveys the steps law enforcement, industry, victims groups, and others currently are taking to address the problem; analyzes the adequacy of current federal and state laws; and provides recommendations on how to improve efforts to combat this growing problem.

As discussed below, the nature and extent of the cyberstalking problem is difficult to quantify. In addition, while some law enforcement agencies are responding aggressively, others are not fully aware of the problem and lack the expertise and resources to pursue cyberstalking cases. Similarly, while some Internet Service Providers (ISPs) have taken affirmative steps to crack down on cyberstalking, others have not, and there is a great deal more that industry can and should do to empower individuals to protect themselves against cyberstalking and other online threats.

Indeed, current trends and evidence suggest that cyberstalking is a serious problem that will grow in scope and complexity as more people take advantage of the Internet and other telecommunications technologies. The analysis and recommendations contained in this report offer a framework for an initial response to the problem. These recommendations, however, are only a first step. Important advances can be made if industry, law enforcement, victims service providers and support groups, and others work together to develop a more comprehensive and effective response to this problem. Ultimately, however, the first line of defense will involve industry efforts that educate and empower individuals to protect themselves against cyberstalking and other online threats, along with prompt reporting to law enforcement agencies trained and equipped to respond to cyberstalking incidents.

What Is Cyberstalking?

Although there is no universally accepted definition of cyberstalking, the term is used in this report to refer to the use of the Internet, e-mail, or other electronic communications devices to stalk another person. Stalking generally involves harassing or threatening behavior that an individual engages in repeatedly, such as following a person, appearing at a person's home or place of business, making harassing phone calls, leaving written messages or objects, or vandalizing a person's property. Most stalking laws require that the perpetrator make a credible threat of violence against the victim; others include threats against the victim's immediate family; and still others require only that the alleged stalker's course of conduct constitute an implied threat.⁽¹⁾ While some conduct involving annoying or menacing behavior might fall short of illegal stalking, such behavior may be a prelude to stalking and violence and should be treated seriously.

Protecting Children from On-Line Dangers Although the Internet and other forms of electronic communication offer new and exciting opportunities for children, they also expose children to new threats. For example, Federal law enforcement agencies have encountered numerous instances in which adult pedophiles have made contact with minors through online chat rooms, established a relationship with the child, and later made contact for the purpose of engaging in criminal sexual activities. Federal, state, and local law enforcement agencies have responded aggressively to protect children from online sexual predators. For example, in 1995, the Federal Bureau of Investigation launched an undercover initiative, dubbed Innocent Images, to combat the exploitation of children via commercial online services. Based in Calverton, Maryland, "Innocent Images" is the central operation and case management system for all FBI undercover online child pornography and child sexual exploitation investigations. As of December 31, 1998, the initiative has resulted in 232 convictions. Similarly, the U.S. Customs Service's CyberSmuggling Center, based in Sterling, Virginia, plays an important role in combating sexual exploitation of children via the Internet and other online communications media. The Center develops leads and tips for law enforcement investigation, receives complaints via the U.S. Customs Service website, and coordinates undercover operations against international child pornography and child sexual exploitation rings. The National Center for Missing and Exploited Children unveiled a new CyberTipline in March 1998 to serve as a national online clearinghouse for tips and leads about child sexual exploitation.www.ncmec.org) The Department of Justice, through the Office of Juvenile Justice and Delinquency Prevention's Missing and Exploited Children Program (MECP), provides funding to state and local law enforcement agencies to create multijurisdictional responses to prevent and combat Internet crimes against children. In 1998, ten state and local agencies received grants under MECP; an additional eight task forces will be funded in 1999. There are steps parents and others can take to protect children from online dangers. Parents should teach their children to follow the common-sense "rules of the road" for the Internet, including the need to protect their privacy in the online world. The FBI, for example, has prepared an online "Parent's Guide to Internet Safety." (www.fbi.gov) Moreover, individuals should report inappropriate behavior to their Internet Service Provider (ISP) or, if it involves potentially illegal conduct, to appropriate law enforcement agencies. Law enforcement agencies need to establish and/or improve programs that train their personnel to recognize the seriousness of online child sexual exploitation and how to investigate this new form of criminal conduct. They also need to work closely with ISPs and others to facilitate communication and cooperation. Finally, private companies, including ISPs, need to provide parents and children with effective tools to protect children from online exploitation, including filtering technology, parental controls, and other efforts. ISPs also need to establish clear policies that prohibit online solicitation or exploitation of children and to take appropriate action when such incidents come to their attention, as is now required under federal law. See U.S.C. 13032.

Nature and Extent of Cyberstalking

An existing problem aggravated by new technology

Although online harassment and threats can take many forms, cyberstalking shares important characteristics with offline stalking. Many stalkers - online or off - are motivated by a desire to exert control over their victims and engage in similar types of behavior to accomplish this end. As with offline stalking, the available evidence (which is largely anecdotal) suggests that the majority of cyberstalkers are men and the majority of their victims are women, although there have been reported cases of women cyberstalking men and of same-sex cyberstalking. In many cases, the cyberstalker and the victim had a prior relationship, and the cyberstalking begins when the victim attempts to break off the relationship. However, there also have been many instances of cyberstalking by strangers. Given the enormous amount of personal information available through the Internet, a cyberstalker can easily locate private information about a potential victim with a few mouse clicks or key strokes.

The fact that cyberstalking does not involve physical contact may create the misperception that it is more benign than physical stalking. This is not necessarily true. As the Internet becomes an ever more integral part of our personal and professional lives, stalkers can take advantage of the ease of communications as well as increased access to personal information. In addition, the ease of use and non-confrontational, impersonal, and sometimes anonymous nature of Internet communications may remove disincentives to cyberstalking. Put another way, whereas a potential stalker may be unwilling or unable to confront a victim in person or on the telephone, he or she may have little hesitation sending harassing or threatening electronic communications to a victim. Finally, as with physical stalking, online harassment and threats may be a prelude to more serious behavior, including physical violence.

Offline vs. Online Stalking -- A Comparison(2) Major Similarities Majority of cases involve stalking by former intimates, although stranger stalking occurs in the real world and in cyberspace. Most victims are women; most stalkers are men. Stalkers are generally motivated by the desire to control the victim. Major Differences Offline stalking generally requires the perpetrator and the victim to be located in the same geographic area; cyberstalkers may be located across the street or across the country. Electronic communications technologies make it much easier for a cyberstalker to encourage third parties to harass and/or threaten a victim (e.g., impersonating the victim and posting inflammatory messages to bulletin boards and in chat rooms, causing viewers of that message to send threatening messages back to the victim "author.") Electronic communications technologies also lower the barriers to harassment and threats; a cyberstalker does not need to physically confront the victim.

While there are many similarities between offline and online stalking, the Internet and other communications technologies provide new avenues for stalkers to pursue their victims.

A cyberstalker may send repeated, threatening, or harassing messages by the simple push of a button; more sophisticated cyberstalkers use programs to send messages at regular or random intervals without being physically present at the computer terminal. California law enforcement authorities say they have encountered situations where a victim repeatedly receives the message "187" on their pagers - the section of the California Penal Code for murder. In addition, a cyberstalker can dupe other Internet users into harassing or threatening a victim by utilizing Internet bulletin boards or chat rooms. For example, a stalker may post a controversial or enticing message on the board under the name, phone number, or e-mail address of the victim, resulting in subsequent responses being sent to the victim. Each message -- whether from the actual cyberstalker or others -- will have the intended effect on the victim, but the cyberstalker's effort is minimal and the lack of direct contact between the cyberstalker and the victim can make it difficult for law enforcement to identify, locate, and arrest the offender.

Actual Cyberstalking Incidents In the first successful prosecution under California's new cyberstalking law, prosecutors in the Los Angeles District Attorney's Office obtained a guilty plea from a 50-year-old former security guard who used the Internet to solicit the rape of a woman who rejected his romantic advances. The defendant terrorized his 28-year-old victim by impersonating her in various Internet chat rooms and online bulletin boards, where he posted, along with her telephone number and address, messages that she fantasized of being raped. On at least six occasions, sometimes in the middle of the night, men knocked on the woman's door saying they wanted to rape her. The former security guard pleaded guilty in April 1999 to one count of stalking and three counts of solicitation of sexual assault. He faces up to six years in prison. A local prosecutor's office in Massachusetts charged a man who, utilizing anonymous remailers, allegedly engaged in a systematic pattern of harassment of a co-worker, which culminated in an attempt to extort sexual favors from the victim under threat of disclosing past sexual activities to the victim's new husband. An honors graduate from the University of San Diego terrorized five female university students over the Internet for more than a year. The victims received hundreds of violent and threatening e-mails, sometimes receiving four or five messages a day. The graduate student, who has entered a guilty plea and faces up to six years in prison, told police he committed the crimes because he thought the women were laughing at him and causing others to ridicule him. In fact, the victims had never met him.

The anonymity of the Internet also provides new opportunities for would-be cyberstalkers. A cyberstalker's true identity can be concealed by using different ISPs and/or by adopting different screen names. More experienced stalkers can use anonymous remailers that make it all-but-impossible to determine the true identity of the source of an e-mail or other electronic communication. A number of law enforcement agencies report they currently are confronting cyberstalking cases involving the use of anonymous remailers.

Anonymity leaves the cyberstalker in an advantageous position. Unbeknownst to the target, the perpetrator could be in another state, around the corner, or in the next cubicle at work. The perpetrator could be a former friend or lover, a total stranger met in a chat room, or simply a teenager playing a practical joke. The inability to identify the source of the harassment or threats could be particularly ominous to a cyberstalking victim, and the veil of anonymity might encourage the perpetrator to continue these acts. In addition, some perpetrators, armed with the knowledge that their identity is unknown, might be more willing to pursue the victim at work or home, and the Internet can provide substantial information to this end. Numerous websites will provide personal information, including unlisted telephone numbers and detailed directions to a home or office. For a fee, other websites promise to provide social security numbers, financial data, and other personal information.

Evidence suggests cyberstalking is a growing problem

Although there is no comprehensive, nationwide data on the extent of cyberstalking in the United States, some ISPs compile statistics on the number and types of complaints of harassment and/or threats involving their subscribers, and individual law enforcement agencies have compiled helpful statistics. There is, moreover, a growing amount of anecdotal and informal evidence on the nature and extent of cyberstalking.

First, data on offline stalking may provide some insight into the scope of the cyberstalking problem. According to the most recent National Violence Against Women Survey, which defines stalking as referring to instances where the victim felt a high level of fear:⁽³⁾

• In the United States, one out of every 12 women (8.2 million) and one out of every 45 men (2 million) have been stalked at some time in their lives.
• One percent of all women and 0.4 percent of all men were stalked during the preceding 12 months.
• Women are far more likely to be the victims of stalking than men - nearly four out of five stalking victims are women. Men are far more likely to be stalkers - 87 percent of the stalkers identified by victims in the survey were men.
• Women are twice as likely as men to be victims of stalking by strangers and eight times as likely to be victims of stalking by intimates.

In the United States, there are currently more than 80 million adults and 10 million children with access to the Internet. Assuming the proportion of cyberstalking victims is even a fraction of the proportion of persons who have been the victims of offline stalking within the preceding 12 months, there may be potentially tens or even hundreds of thousands of victims of recent cyberstalking incidents in the United States.⁽⁴⁾ Although such a "back of the envelope" calculation is inherently uncertain and speculative (given that it rests on an assumption about very different populations), it does give a rough sense of the potential magnitude of the problem.

Second, anecdotal evidence from law enforcement agencies indicates that cyberstalking is a serious - and growing - problem. At the federal level, several dozen matters have been referred (usually by the FBI) to U.S. Attorney's Offices for possible action. A number of these cases have been referred to state and local law enforcement agencies because the conduct does not appear to violate federal law.

In addition, some local law enforcement agencies are beginning to see cases of cyberstalking. For example, the Los Angeles District Attorney's Office estimates that e-mail or other electronic communications were a factor in approximately 20 percent of the roughly 600 cases handled by its Stalking and Threat Assessment Unit. The chief of the Sex Crimes Unit in the Manhattan District Attorney's Office also estimates that about 20 percent of the cases handled by the unit involve cyberstalking. The Computer Investigations and Technology Unit of the New York City Police Department estimates that almost 40 percent of the caseload in the unit involves electronic threats and harassment -- and virtually all of these have occurred in the past three or four years.

Third, ISPs also are receiving a growing number of complaints about harassing and threatening behavior online. One major ISP receives approximately 15 complaints per month of cyberstalking, in comparison to virtually no complaints of cyberstalking just one or two years ago.

Finally, as part of a large study on sexual victimization of college women, researchers at the University of Cincinnati conducted a national telephone survey of 4,446 randomly selected women attending two- and four-year institutions of higher education. The survey was conducted during the 1996-97 academic year. In this survey, a stalking incident was defined as a case in which a respondent answered positively when asked if someone had "repeatedly followed you, watched you, phoned, written, e-mailed, or communicated with you in other ways that seemed obsessive and made you afraid or concerned for your safety." The study found that 581 women (13.1 percent) were stalked and reported a total of 696 stalking incidents; the latter figure exceeds the number of victims because 15 percent of the women experienced more than one case of stalking during the survey period. Of these 696 stalking incidents, 166 (24.7 percent) involved e-mail. Thus, 25 percent of stalking incidents among college women could be classified as involving cyberstalking.⁽⁵⁾

Current Efforts to Address Cyberstalking

The law enforcement response

Cyberstalking is a relatively new challenge for most law enforcement agencies. The first traditional stalking law was enacted by the state of California in 1990 - less than a decade ago. Since that time, some law enforcement agencies have trained their personnel on stalking and/or established specialized units to handle stalking cases. Nonetheless, many agencies are still developing the expertise and resources to investigate and prosecute traditional stalking cases; only a handful of agencies throughout the country have focused attention or resources specifically on the cyberstalking problem.⁽⁶⁾

Law enforcement response: awareness and training are key factors

Based on recent informal surveys of law enforcement agencies, it appears that the majority of agencies have not investigated or prosecuted any cyberstalking cases. However, some agencies - particularly those with units dedicated to stalking or computer crime offenses - have large cyberstalking caseloads. As noted above, the New York Police Department's Computer Investigation and Technology Unit and the Los Angeles District Attorney's Stalking and Threat Assessment Team estimate that 40 and 20 percent of their caseloads, respectively, involve cyberstalking-type cases.

"Cyberspace has become a fertile field for illegal activity. By the use of new technology and equipment which cannot be policed by traditional methods, cyberstalking has replaced traditional methods of stalking and harassment. In addition, cyberstalking has led to offline incidents of violent crime. Police and prosecutors need to be aware of the escalating numbers of these events and devise strategies to resolve these problems through the criminal justice system." Linda Fairstein Chief of Sex Crimes Prosecution Unit Manhattan District Attorney's Office

The disparity in the activity level among law enforcement agencies can be attributed to a number of factors. First, it appears that the majority of cyberstalking victims do not report the conduct to law enforcement, either because they feel that the conduct has not reached the point of being a criminal offense or that law enforcement will not take them seriously. Second, most law enforcement agencies have not had the training to recognize the serious nature of cyberstalking and to investigate such offenses. Unfortunately, some victims have reported that rather than open an investigation, a law enforcement agency has advised them to come back if the cyberstalkers confront or threaten them offline. In several instances, victims have been told by law enforcement simply to turn off their computers.

Law Enforcement: Lack of Training and Expertise Can Frustrate Victims, Hinder Response A recent incident demonstrates how the lack of law enforcement training and expertise can frustrate cyberstalking victims: A woman complained to a local police agency that a man had been posting information on the web claiming that her nine-year-old daughter was available for sex. The web posting included their home phone number with instructions to call 24 hours a day. They received numerous calls. The couple reported the problem to the local police agency on numerous occasions, but the agency simply advised the couple to change their home phone number. Subsequently, the couple contacted the FBI, which opened an investigation. It was discovered that the local police agency did not have a computer expert, and the investigative officer had never been on the Internet. The local agency's lack of familiarity and resources may have resulted in a failure to understand the seriousness of the problem and the options available to law enforcement to respond to such problems.

Another indication that many law enforcement agencies underestimate the magnitude of the cyberstalking problem is the wide disparity in reported cases in different jurisdictions across the country. For example, one state attorney general's office in a midwestern state indicated that it received approximately one inquiry a week regarding cyberstalking cases and that it is aware of approximately a dozen prosecutions last year alone. In contrast, the state attorney general's offices in neighboring states indicated they have never received an inquiry into this type of behavior. Although one would generally expect some disparity in differing jurisdictions, the size of the disparity suggests that some law enforcement agencies do not have the training or expertise to recognize the magnitude of the problem in their jurisdictions.

Law enforcement response: jurisdictional and statutory limitations may frustrate some agencies

Some state and local law enforcement agencies also have been frustrated by jurisdictional limitations. In many instances, the cyberstalker may be located in a different city or state than the victim making it more difficult (and, in some cases, all but impossible) for the local authority to investigate the incident. Even if a law enforcement agency is willing to pursue a case across state lines, it may be difficult to obtain assistance from out-of-state agencies when the conduct is limited to harassing e-mail messages and no actual violence has occurred. A number of matters have been referred to the FBI and/or U.S. Attorney's offices because the victim and suspect were located in different states and the local agency was not able to pursue the investigation.

The lack of adequate statutory authority also can limit law enforcement's response to cyberstalking incidents. At least 16 states have stalking statutes that explicitly cover electronic communications,⁽⁷⁾ and cyberstalking may be covered under general stalking statutes in other states. It may not, however, meet the statutory definition of stalking in the remainder. In many cases, cyberstalking will involve threats to kill, kidnap, or injure the person, reputation, or property of another, either on or offline and, as such, may be prosecuted under other federal or state laws that do not relate directly to stalking.

Finally, federal law may limit the ability of law enforcement agencies to track down stalkers and other criminals in cyberspace. In particular, the Cable Communications Policy Act of 1984 (CCPA) prohibits the disclosure of cable subscriber records to law enforcement agencies without a court order and advance notice to the subscriber. See 47 U.S.C. 551(c), (h). As more and more individuals turn to cable companies as their ISPs, the CCPA is posing a significant obstacle to the investigation of cybercrimes, including cyberstalking. For example, under the CCPA, a law enforcement agency investigating a cyberstalker who uses a cable company for Internet access would have to provide the individual notice that the agency has requested his/her subscriber records, thereby jeopardizing the criminal investigation. While it is appropriate to prohibit the indiscriminate disclosure of cable records to law enforcement agencies, the better approach would be to harmonize federal law by providing law enforcement access to cable subscriber records under the same privacy safeguards that currently govern law enforcement access to records of electronic mail subscribers under 18 U.S.C. 2703. Moreover, special provisions could be drafted to protect against the inappropriate disclosure of records that would reveal a customer's viewing habits.

Law enforcement response: the challenge of anonymity

Another complication for law enforcement is the presence of services that provide anonymous communications over the Internet. To be sure, anonymity provides important benefits, including protecting the privacy of Internet users. Unfortunately, cyberstalkers and other cybercriminals can exploit the anonymity available on the Internet to avoid accountability for their conduct.

Anonymous services on the Internet come in one of two forms: the first allows individuals to create a free electronic mailbox through a web site. While most entities that provide this service request identifying information from users, such services almost never authenticate or otherwise confirm this information. For these services, payment is typically made in advance through the use of a money order or other non-traceable form of payment. As long as payment is received in advance by the ISP, the service is provided to the unknown account holder. The second form comprises mail servers that purposefully strip identifying information and transport headers from electronic mail. By forwarding mails through several of these services serially, a stalker can nearly perfectly anonymize the message. The presence of both such services makes it relatively simple to send anonymous communications, while making it difficult for victims, providers, and law enforcement to identify the person or persons responsible for transmitting harassing or threatening communications over the Internet.

Law enforcement response: specialized units show promise in combating cyberstalking

A growing number of law enforcement agencies are recognizing the serious nature and extent of cyberstalking and taking aggressive action to respond. Some larger metropolitan areas, such as Los Angeles and New York, have seen numerous incidents of cyberstalking and have specialized units available to investigate and prosecute these cases. For example, Los Angeles has developed the Stalking and Threat Assessment Team. This team combines special sections of the police department and district attorney's office to ensure properly trained investigators and prosecutors are available when cyberstalking cases arise. In addition, this specialized unit is given proper resources, such as adequate computer hardware and advanced training, which is essential in investigating and prosecuting these technical cases. Similarly, the New York City Police Department created the Computer Investigation and Technology Unit. This unit provides regular training for police officers and prosecutors regarding the intricacies of cyberstalking investigations and prosecutions. The training includes understanding how chat rooms operate, how to obtain and preserve electronic evidence, and how to draft search warrants and subpoenas.

The programs in New York and Los Angeles both ensure that enforcement personnel receive proper training and have adequate resources to combat cyberstalking. Other jurisdictions are also taking steps to combat cyberstalking. One of the critical steps is learning how to trace communications sent over computers and the Internet. Traditional law enforcement techniques for surveillance, investigation, and evidence gathering require modification for use on computer networks and often require the use of unfamiliar legal processes. Law enforcement at all levels must be properly trained to use network investigative techniques and legal process while protecting the privacy of legitimate users of the Internet. These techniques are similar to those used in investigating other types of computer crime. Just as a burglar might leave fingerprints at the scene of a crime, a cyberstalker can leave an "electronic trail" on the web that properly trained law enforcement can follow back to the source. Thus, technological proficiency among both investigators and prosecutors is essential.

At present, there are numerous efforts at the federal and state levels that focus solely on high technology crimes. These units do not focus on cyberstalking alone, but they have the necessary expertise in computers and the Internet to assist in the investigation of cyberstalking when it arises. For example, the Federal Bureau of Investigation (FBI) has Computer Crime Squads throughout the country, as well as the National Infrastructure Protection Center in Washington, to ensure cybercrimes are properly investigated. Additionally, they have Computer Analysis and Response Teams to conduct forensics examinations on seized magnetic media. Similarly, in 1996 the Justice Department established the Computer Crime and Intellectual Property Section within the Criminal Division. These units have highly trained personnel who remain on the cutting edge of new technology and investigative techniques. In addition, each U.S. Attorney's office contains experienced computer crime prosecutors. These individuals -- Computer and Telecommunications Coordinators -- assist in the investigation and prosecution of a wide variety of computer crimes, including cyberstalking. In addition, at the state level, several attorneys general have established special divisions that focus on computer crimes.

Although high-tech expertise is essential, police and prosecutors have developed other strategies for helping victims of cyberstalking. An Assistant U.S. Attorney reported that in two recent cases of e-mail harassment, he asked an FBI agent to confront the would-be harasser. The agent advised that such behavior might constitute a criminal offense. In both instances, the harassment stopped. Such strategies, however, are no substitute for prosecution under federal or state law in the appropriate circumstances.

A critical step in combating cyberstalking is understanding stalking in general. In many instances, cyberstalking is simply another phase in an overall stalking pattern, or it is regular stalking behavior using new, high-technology tools. Thus, strategies and techniques that have been developed to combat stalking in general often can be adapted to cyberstalking situations. Fortunately, many state and local law enforcement agencies have begun to focus on stalking, and some have developed special task forces to deal with this problem. In addition, the Attorney General submits an annual report to Congress entitled "Stalking and Domestic Violence." This report compiles valuable information about what the Department of Justice has learned about stalking and stalkers and is a valuable resource for law enforcement agencies and others.⁽⁸⁾

Cyberstalking is expected to increase as computers and the Internet become more popular. Accordingly, law enforcement at all levels must become more sensitive to cyberstalking complaints and devote the necessary training and resources to allow proper investigation and prosecution. By becoming technologically proficient and understanding stalking in general, agencies will be better prepared to respond to cyberstalking incidents in their jurisdictions. In addition, state and local agencies can turn to their local FBI or U.S. Attorney's office for additional technical assistance. Also, computer crime units and domestic violence units should share information and expertise, since many cyberstalking cases will include elements of both computer crime and domestic violence. Finally, law enforcement must become more sensitive to the fear and frustration experienced by cyberstalking victims. Proper training should help in this regard, but law enforcement at all levels should take the next step and place special emphasis on this problem. Computers and the Internet are becoming indispensable parts of America's culture, and cyberstalking is a growing threat. Responding to a victim's complaint by saying "just turn off your computer" is not acceptable.

Industry efforts

Although the Internet industry has tried to combat abusive electronic communications overall, the industry as a whole has not addressed cyberstalking in particular. According to a review conducted as part of the preparation of the report, most major ISPs have established an address to which complaints of abusive or harassing electronic mail can be sent (generally, this address is "abuse@[the ISP's domain]" -- for example, "abuse@aol.com". In addition, these providers almost uniformly have provisions in their online agreements specifically prohibiting abusive or harassing conduct through their service and providing that violations of the policy will result in termination of the account.

In practice, however, ISPs have focused more on assisting their customers in avoiding annoying online behavior, such as receiving unsolicited commercial electronic mail ("spamming") or large amounts of electronic mail intentionally sent to an individual ("mail-bombing"); relatively less attention has been paid to helping victims of cyberstalking or other electronic threats. For some ISPs, the procedures for lodging complaints of online harassment or threats were difficult to locate, and their policies about what does or does not constitute a violation of service agreements were generally unhelpful. In addition, many ISPs do not inform their customers about what steps, if any, the ISP has taken to follow-up on their customer's complaint. These problems -- hard-to-locate complaint procedures, vague policies about what does and does not constitute prohibited harassment, and inadequate follow-up on complaints -- may pose serious obstacles to cyberstalking victims who need help.

Online industry associations respond that providing such protection to their customers is costly and difficult. Although they recognize that larger ISPs have begun to commit resources to dealing with harassment online, they caution that the costs of imposing additional reporting or response obligations upon ISPs may make it difficult for small or entrepreneurial ISPs to continue providing service at competitive rates. For example, the Commercial Internet Exchange, whose members carry approximately 75 percent of U.S. backbone traffic, cautions that no attempt to impose reporting requirements should be made unless fully justified by the record. However, according to the same group, the decentralized nature of the Internet would make it difficult for providers to collect and submit such data. Accordingly, the evidence of the scope of the cyberstalking problem is likely to remain for the forseeable future defined primarily by anecdotal evidence, with no basis to determine whether the phenomenon is growing, static, or declining.

Industry efforts: educating and protecting consumers

Despite the difficulty in fully defining the scope of the cyberstalking problem, however, industry has made notable efforts to inform consumers about ways to protect themselves online. Such information is principally focused on protecting children and consumers on the Internet. For example, since 1996, the Internet Alliance, one of the key Internet industry groups, has worked with the Federal Trade Commission and government agencies on Project OPEN (Online Public Education Network). Project OPEN provides information about fraud, parental controls, and protecting privacy.⁽⁹⁾ Although this information is not specifically relevant to cyberstalking, much of the advice about protecting children and safeguarding privacy while online may be of assistance to individuals who want to use the Internet while protecting against potential cyberstalkers. More recently, a number of industry organizations have joined together to develop, GetNetWise.Com - a single, comprehensive online resource to help parents and children use the Internet in a safe and educational manner.

Other similar industry efforts have recently been announced to address other aspects of computer-related crime. For example, the Department of Justice and the Information Technology Association of America (ITAA) announced the Cybercitizen Partnership in March 1999. This partnership is intended to boost cooperation between industry and government, expand public awareness of computer crime issues among children and adolescents, and provide resources for government to draw upon in addressing computer crime. The industry has also responded to the complaints of parents who are worried about the content available to their children over the Internet by announcing the "One Click Away" initiative to give parents important information about protecting their children in a central location. Similar education and outreach efforts, approached through cooperation between industry and government, may educate individuals concerned about these issues and therefore mitigate some of the dangers of cyberstalking.

In addition, other Internet industry sectors have begun to address aspects of the cyberstalking problem. Many of these solutions focus on the ability of individuals to protect themselves against unwanted communications. For example, most Internet "chat" facilities offer users the ability to block, squelch, or ignore chat messages or "paging" from individuals who are attempting to annoy or threaten them. Similarly, many e-mail users have tools which allow the users to block e-mail from individuals who are attempting to harass or annoy them. Such a solution may be useful in situations where the communications are merely annoying. Unfortunately, such a solution is less appropriate when threatening communications are received, because a victim who never "receives" the threat may not know they are being stalked, and may be alerted, for the first time, when the stalker shows up to act on the threat.

In another type of response, providers have begun to set up "gated communities" for individuals, families, and children. The techniques used by such communities are still in developmental stages, but they range from specialized servers, which allow potentially objectionable content to be filtered at the server, to designated areas for children and teens, which place restrictions on the amount or types of personal information that will be provided to others. Individuals who are concerned about being stalked may find refuge in such communities.

While these efforts all reflect important initiatives for self-protection, both industry and government representatives agree that a key component of addressing the cyberstalking problem is education and empowerment: If individuals are given clear direction about how to protect themselves against threatening or harassing communications, and how to report incidents when they do occur, both industry and law enforcement will be in a position to cooperate to conduct investigations.

Industry efforts: cooperation with law enforcement

Both industry and law enforcement benefit when crime over the Internet is reduced. In particular, the Internet industry benefits significantly whenever citizen and consumer confidence and trust in the Internet is increased. Accordingly, both industry and law enforcement recognize the need to cooperate more fully with one another in this area. Industry representatives have noted that contact between industry and law enforcement -- particularly in the area of harassment -- is sporadic and episodic. Industry representatives, who were consulted as part of the preparation of this report, indicated their willingness to participate in training efforts for law enforcement. Law enforcement -- particularly on the state and local level, who will often be first responders to cyberstalking complaints -- should be willing to engage industry in dialogue and take advantage of the expertise offered by industry in designing training programs. Moreover, closer cooperation between law enforcement and industry will help to ensure that law enforcement officers know who at the ISPs to call and how to proceed when they receive a complaint, and ISPs have a contact in law enforcement when they receive a complaint that warrants intervention by law enforcement.

Victims and support organizations

Because cyberstalking is a relatively new criminal phenomenon, very little public attention and resources have been committed to addressing this crime. Consequently, victims of online harassment and threats, often in collaboration with victim service providers and advocates, have had to step in to fill the void by developing their own informal support networks and informational web sites to exchange information about how to respond to these crimes effectively.

Victim service providers report that the Internet is rapidly becoming another weapon used by batterers against their victims. Just as in real life, abused women can be followed in cyberspace by their batterers, who may surreptitiously place their target under surveillance without her knowledge and use the information to threaten her or discredit her by putting misinformation on the Internet. Victim service providers recommend that victims make copies of all e-mails sent by the batterer as evidence of his stalking and advise a victim to let the stalker know that she does not want to have any further contact with him. SAFE House, a domestic violence victim service provider in Michigan, suggests that victims change their passwords often; refrain from telling anyone what the password is; do not use a password or other identifying information that the batterer/stalker can guess; set up a program that requires a password even to get on the computer; be sure to clear out the history information if programs such as ICQ, AOL Communicator, and Excite PAL, are used; remember that many chat rooms have archives that can be accessed later on by anyone; be careful about what is said in chat rooms and use an alias that is only known to good friends; be aware that if the screen name of the assailant is known, he can be blocked from tracking victims through a buddy list on AOL; and, consult the ISP about the best way to secure their account.

A focus group convened on October 30, 1998, by the Office for Victims of Crime, a component within the U.S. Department of Justice, sought to identify the needs of stalking victims, including victims whose stalkers used the Internet to track and to harass their victims. The victims at the focus group emphasized that although the response of law enforcement and victim service providers is important, stalking victims need a wide range of services from doctors, mental health providers, day care providers, welfare and child protection workers, school staff, and employers. In addition, the focus group participants indicated that community awareness and understanding of what constitutes stalking behavior is critical to the support and well-being of stalking victims. Finally, all of the stalking victims reported that the consequences of not being believed or supported, or having their fears viewed as exaggerated or unrealistic, can be devastating. Some victims feel isolated and alone, are made to believe that the stalking is their fault, lose primary relationships, or fear losing their jobs. These issues are just as relevant to cyberstalking victims as they are to victims of offline stalking.

Adequacy of Existing Laws

Although stalking has been a problem for many years, only in this decade has it received significant attention from lawmakers, policy officials, and law enforcement agencies. In 1990, California became the first state to enact a specific stalking law. Since that time, all 50 states and the District of Columbia have enacted stalking laws.

State cyberstalking laws

Less than one third of the states have anti-stalking laws that explicitly cover stalking via the Internet, e-mail, pagers, or other electronic communications. California, for example, only recently amended its stalking statute to cover cyberstalking. This law was used in the prosecution of a 50-year-old former security guard who pleaded guilty on April 28, 1999, to one count of stalking and three counts of solicitation of sexual assault after using the Internet to solicit the rape of a woman who rejected his romantic advances. While the general stalking statutes in some states may cover cyberstalking, all states should review their laws to ensure they prohibit and provide appropriate punishment for stalking via the Internet and other electronic communications.

Federal cyberstalking laws

Federal law provides a number of important tools that are available to combat cyberstalking. Under 18 U.S.C. 875(c), it is a federal crime, punishable by up to five years in prison and a fine of up to $250,000, to transmit any communication in interstate or foreign commerce containing a threat to injure the person of another. Section 875(c) applies to any communication actually transmitted in interstate or foreign commerce - thus it includes threats transmitted in interstate or foreign commerce via the telephone, e-mail, beepers, or the Internet.

Although 18 U.S.C. 875 is an important tool, it is not an all-purpose anti-cyberstalking statute. First, it applies only to communications of actual threats. Thus, it would not apply in a situation where a cyberstalker engaged in a pattern of conduct i